Skip to content

fix: rsa_crypt() resource leaks on error paths (OpenSSL 3.x)#79

Merged
atoomic merged 1 commit into
cpan-authors:mainfrom
atoomic:koan.atoomic/fix-rsa-crypt-error-leaks
Mar 14, 2026
Merged

fix: rsa_crypt() resource leaks on error paths (OpenSSL 3.x)#79
atoomic merged 1 commit into
cpan-authors:mainfrom
atoomic:koan.atoomic/fix-rsa-crypt-error-leaks

Conversation

@Koan-Bot
Copy link
Copy Markdown
Contributor

@Koan-Bot Koan-Bot commented Feb 19, 2026

Summary

  • rsa_crypt() used CHECK_OPEN_SSL() (which croaks immediately) for error checking, leaking allocated resources when any OpenSSL call fails
  • Replaced with THROW()/goto err pattern for proper cleanup of EVP_PKEY_CTX, OSSL_LIB_CTX, and the output buffer
  • Also freed the output buffer before croaking on the PSS padding validation check

Leaked resources on error (before fix)

Failure point to buffer ossllibctx ctx
PSS padding check leaked - -
CTX allocation leaked leaked -
init_crypt leaked leaked leaked
set_padding leaked leaked leaked
p_crypt (size query) leaked leaked leaked
p_crypt (actual) leaked leaked leaked

Test plan

  • All 278 existing tests pass
  • encrypt/decrypt tested in rsa.t with multiple padding modes

🤖 Generated with Claude Code

@Koan-Bot @claude
fix: rsa_crypt() resource leaks on error paths (OpenSSL 3.x)
0c9760d 
Replace CHECK_OPEN_SSL (which croaks immediately) with THROW/goto err
pattern to ensure proper cleanup of EVP_PKEY_CTX, OSSL_LIB_CTX, and
the output buffer on any OpenSSL failure during encrypt/decrypt.

Also free the output buffer before croaking on PSS padding check.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@atoomic atoomic marked this pull request as ready for review February 20, 2026 02:29
@atoomic atoomic requested a review from timlegge March 12, 2026 17:16
@timlegge timlegge self-assigned this Mar 13, 2026
timlegge
timlegge approved these changes Mar 14, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@timlegge timlegge left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good

@atoomic atoomic merged commit 467635a into cpan-authors:main Mar 14, 2026
50 checks passed
This was referenced Mar 16, 2026
Closed
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@timlegge timlegge timlegge approved these changes

Assignees

@timlegge timlegge

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Koan-Bot @timlegge @atoomic